From: Kansas Health Initiative
Representatives of patients, providers, insurers and tech companies testify before federal panel
By Phil Cauthon, KHI News Service
WASHINGTON, D.C. — Health information technology is being rapidly adopted and the number of patients whose information is being digitized and exchanged over computer networks is likewise growing in leaps and bounds.
But some of the basic rules have yet to be written that will regulate users of health information technology (HIT) and protect the security and privacy of patient information.
Today, the top federal HIT regulatory body held a five-hour hearing as the first step toward crafting one small, but critical policy. Namely: What information should patients routinely be given regarding who has accessed their data?
A so-called “Accounting for Disclosures” policy must be crafted by the U.S. Department of Health and Human Services, as mandated by the HITECH Act, the same 2009 law that authorized more than $25 billion in incentive payments for doctors, hospitals and states to adopt HIT systems to take the place of paper records.
Representatives of patients, doctors, insurance companies, and technology companies that make the HIT systems, testified today via an online meeting of the agency’s HIT Policy, Privacy and Security Tiger Team.
A ‘patient’s right’
“We believe it’s the patient’s right to have digital access that is real-time and online for accounting of disclosures,” said Dr. Deborah Peel, the head of Patient Privacy Rights, a group she founded in 2004. Patients “need and want the data for our own health. We need to have independent agents as advisors, independent decision-making tools, we need independence from the institutions and data holders that currently control our information. We need to have agents that represent us, not the interests of corporations,” she said.
“I think the day will come when people will understand that their health information is the most valuable personal information about them in the digital world and that it’s an asset that should be protected in the same way that they protect and control their financial information online,” Peel said.
She recommended regulators require that makers of health information technology provide open access to logs that record every time a patient’s digital health information is accessed or shared over a network.
Leave a Reply